The business and culture of our digital lives, from the L.A. Times

LulzSec hackers leak personal data from Sony servers, mock the FBI

June 3, 2011 | 11:39
am

Lulz Security, a hacker group which has claimed responsibility for hacking PBS and Sony's websites recently, posted personal data from Sony Pictures servers on Friday.

The group posted the data to the website Pastebin and the Associated Press reported that it had verified it with people whose information -- including user names, passwords, addresses and phone numbers -- was leaked and indeed from Sony.

"Hackers say they managed to steal a massive trove of personal information from Sony Pictures' website using a basic technique which they claim shows how poorly the company guards its users' secrets," the AP said in its report. "Security experts agreed Friday, saying that the company's security was bypassed by a well-known attack method by which rogue commands are used to extract sensitive data from poorly-constructed websites."

On its Twitter account, the group also known as LulzSec said people frustrated with the group's actions should point their anger toward Sony, writing "hey innocent people whose data we leaked: blame @Sony."

Later, LulzSec said in tweets that they were laughing at the FBI, writing, "we sit and laugh at the FBI. No times decided, but we'll cook up something nice for tonight."

Officials at Sony Pictures, based in Culver City, and the FBI were not available for comment Friday morning.